Equifax Data Breach Exposes Personal Information of 143 Million

FrgMstr

Just Plain Mean
Staff member
Joined
May 18, 1997
Messages
55,533
Another day, another huge data breach. This time Equifax, which is a company that has data on damn near every person in North America. Enjoy! Thanks cageymaru.


Equifax (EFX) said Thursday that hackers have gained access to personal information belonging to 143 million U.S. consumers after exploiting a vulnerability on the credit bureau's website.

The hack occurred between mid-May and July, according to Equifax, one of the nation's biggest credit reporting agencies. The leaked information includes names, Social Security numbers, birth dates and in some cases driver's license numbers.


UPDATE: It seems as though three Euqifax managers sold stock before the hack was revealed. Hmmm.
 
Last edited:
Well shit. So is this only consumers who had their credit ran during the timeframe? Or is it everyone the hackers were able to get during the time period? The article didn't say. If the former then I'm good. If the latter then, as I said, well shit.
 
Honestly this is just meh at this point. It's all out there anyway, perhaps this just allows more updated addresses.

Now if it actually breached the whole credit report, we'd all be screwed. But from their claim at least it's just PII data, and credit card numbers and dispute information for about 200k people.

I mean, still screw them for allowing this but...when a full ID and corresponding information costs less than $1, it means there's so much supply for this already another 100M means nothing. A sad state of affairs.
 
That's okay. My credit's already trash.

I mean... they can only make it look better.

Maybe they'll try at a really ritzy hotel and make it look like I walk in a suit and tie and do theiving. Not the "Now you see this" type of thiefs. But the "Oceans 11" movie type. You know how there's all the awesome shit that happens and everything? That type. They ruin my credit being Jame's Bond and Brad Pitt had sex with a Bugatti Veyron. Not at the same time. No homo. Then the credit beau will be all like, "Damn. This gent's got the cash flow. Time we bumped up his credit from 300 to 800. Man's got the threads."Then everyone feels sorry about the depth of despair and send me money to feed my burning Video Card and CPU addiction that I've developed thanks to Kyle's awesome [H] videos about Delidding processors with strange objects.

Thanks Kyle.
 
Last edited:
Well that's not good. I see these guys going to jail in the years to come. Feds do not take kindly to this shit.

Good catch. Apparently my free Equifax TrustedID Premiere enrollment date is 9/13. Anyone else?
 
You mean being "sternly reprimanded" and doing 6 months on Club Fed and getting a $50 million golden parachute?
These guys are too low level. While they are "executives", they are not Club Fed status I don't think.
 
I'm more livid than you can imagine. Not at the hack.

That these POS credit bureau's are allowed to keep massive amounts of sensitive data on us, and then CHARGE us to exert any control?

I was impacted.

Today, moments after this hit the news... I got an email from Credit Karma noting an attempt to change my password (did not succeed, I have to click in the email for next steps). 10 minutes later while going to a wake, I get an email from a credit card company noting that my email address has just been changed.

I spend like 20+ mins dealing with that with the CC company, but then visit the Equifax website setup to address this issue. It tells me my enrollment date is 9/11, four days away - that's when I am allowed to enroll. (TBH, I already have a fraud alert on my reports from an event 4 years ago, but figured considering the severity of this, and that minutes after it went public I already had two attempts of fraud, one of them successful...)

Anyway, only Equifax let me put in a security freeze (to not share my file with anyone)... Here's where I become super livid. An hour later after realizing the other bureaus won't let me do it online and I have to mail them, I try to remove the Equifax freeze.

They want $5 for this.

So I can't enroll in their protection plan, even though I already have fraud occuring... And their standard freeze process wants money from me.

They make billions selling information our credit history, separately market products to us consumers... But if we want to exert any control over that, they come looking for a payment method.

It's not the money that bothers me - it's the principle. (Since I'm now twice a victim (a small charge went through on that one CC)... I'll get it removed later for free, after I send them proof to extend my current fraud alert out 7 years from the 3 remaining)

Sorry for the rant. :)
 
Almost 4 months till this was reported, and now the "complimentary" offer for some "credit protection" bullshit. Somehow this just doesn't seem legit to me, I mean I get they're making this offer because they think it's a good thing but, whenever these events happen and then there's some offer immediately afterwards it just rings like a bait & switch to me, that's my gut feeling here.
 
I'll say it now like I've said in the past. This is a massive lawsuit offense and Equifax should be sued into oblivion for their negligence and malfeasance. They need to be taught a lesson and as the keepers of my personal data and credit information, they were or are obligated to keep it safe and not expose me to criminality. They need to pay. So I'm going to talk to my attorney and see what recourse I have available to me and pursue it. That's the bottom line. Enough is enough.
 
once the free identity theft protection ends, I'm going to have a shit ton of unauthorized credit card accounts opened under my name. Just watch
 
The whole credit monitoring thing is a huge scam anyway. This could blow up big time. Time for more regulation.
 
I love how they say "complimentary" when they actually mean "compensatory" - plus this crap is exactly like the war(s) in the Middle East. Let's just announce a deadline for when we're gonna pull out, so the bad guys can just wait us out. Let see Free Credit Protection for one year ... okay so a year and a day later, boom!
 
These companies need to start encrypting all data, that way when a breach happens, the data is useless. Unless they break into the company its self for the key.
 
Unfortunately there's been a few times over the last several years or so where I went through this company to do the free 90 days credit watch.

I'm concerned.
 
I have been wondering about these robocalls i've been getting lately. Since they share data everyone is at risk.
 
Strange timing because I just got some weird spam today I haven't seen before
 
Someone replied to a spam email I got on my account and had to change my password. Weird stuff.
 
Well just accessed annualcreditreport.com

I seem to be in the clear.

For those who worry, this site was mandated by the government so consumers could see potentially damaging fraudulent accounts or bad information.

It's free to use once a year. It includes reports from Experion, TransUnion, and Equifax.
 
Someone else said what I was thinking. It's time we unlinked social security numbers from credit.

The I'd plan I see is you entering your 9 digit SOC sec. Then a 4 digit pin which is illegal to store and sent to a govt clearing computer to verify it's you. Your records are then hashed based on the companies private key and your social.
 
This would explain the weird stuff recently. My dad kept getting a password change request on his email and I got a call from Chase confirming I made certain charges.

These companies won't take data security seriously until one of them is hit with a fine so severe they're all but bankrupt.

Just checked, my enrollment data is 9/12, so that means I'm one part of it. Joy.
 
OpenDNS security triggering phishing on the site they setup to see if you're compromised.
 
Well just accessed annualcreditreport.com

I seem to be in the clear.

For those who worry, this site was mandated by the government so consumers could see potentially damaging fraudulent accounts or bad information.

It's free to use once a year. It includes reports from Experion, TransUnion, and Equifax.

The problem may not be immediate. I know from previous security breaches... it could take a while before you get an alert of some kind. It can be really damaging to do a lot in life.

Go here: https://www.equifaxsecurity2017.com/potential-impact/

To determine if your personal information may have been impacted by this incident, please follow the below steps:

  1. Click on the below link, “Check Potential Impact,” and provide your last name and the last six digits of your Social Security number.
  2. Based on that information, you will receive a message indicating whether your personal information may have been impacted by this incident.
  3. Regardless of whether your information may have been impacted, we will provide you the option to enroll in TrustedID Premier. You will receive an enrollment date. You should return to this site and follow the “How do I enroll?” instructions below on or after that date to continue the enrollment and activation process. The enrollment period ends on Tuesday, November 21, 2017.

This is a lot larger than normal credit breaches a.k.a. Yahoo or even Sony. This really does have the potential to screw over your plans for life.
 
Go here: https://www.equifaxsecurity2017.com/potential-impact/



This is a lot larger than normal credit breaches a.k.a. Yahoo or even Sony. This really does have the potential to screw over your plans for life.

Yeah I went there and looks like I'm signed up.

Luckily I have 1 account and it's my mortgage. So it will be hard for them to manipulate any others.

Equifax will be sued into the ground for this. One year credit monitoring won't cut it.

But that Equifax security website is f'ing worthless. I entered the information and all it said was I was enrolled. Not if I was impacted. I also had to copy the link and check again in a few days for products they are offering.

This is one class action I would be happy to hop on.
 
Last edited by a moderator:
I enrolled and it said I may be a victim. Without any information given but my last name and social, how are they going to get a hold of me on the 13th when my enrollment starts?

What do I do?
 
according to that website checker, i may also be a victim. I also have a very high credit score, so my shit is even more enticing for thieves to open credit cards and car loans under my name.

And the fucked up thing is, the ID theft protection has $1 million insurance, but they're only giving it to us for one year.
 
Back
Top